activated charcoal
play

Activated Charcoal Making Sense of Endpoint Data Company - PowerPoint PPT Presentation

Jul 11, 2023 •203 likes •828 views

Powered by Activated Charcoal Making Sense of Endpoint Data Company Confidential Greg Foss Sarah Miller Head of Global Security Operations Threat Intelligence Analyst LogRhythm Carbon Black The Endpoint is the new Perimeter The easiest

  1. Powered by Activated Charcoal Making Sense of Endpoint Data Company Confidential

  2. Greg Foss Sarah Miller Head of Global Security Operations Threat Intelligence Analyst LogRhythm Carbon Black

  3. The Endpoint is the new Perimeter

  4. The easiest path into any network… Company Confidential

  5. Social Engineering Nothing like a little pretext to get people to click on your links… Company Confidential

  6. Phishing • 91% of ‘advanced’ attacks began with a phishing email • or similar social engineering tactics. http://www.infosecurity-magazine.com/view/29562/91-of- • apt-attacks-start-with-a-spearphishing-email/ 2014 Metrics • Average cost per breach => $3.5 million • 15% Higher than the previous year • http://www.ponemon.org/blog/ponemon-institute- • releases-2014-cost-of-data-breach-global-analysis Company Confidential

  7. Drive By Downloads, Malvertizing, and Watering Hole Attacks Image Source: Company Confidential https://blog.kaspersky.com/what-is-malvertising/5928/

  8. Company Confidential

  9. Training is Critical to Success

  10. Key Focus Areas: • Employees Image Source: http://www.cloudpro.co.uk/hr/5803/gov-offers-hr-workers-free-cyber-security-training Company Confidential

  11. End User Tips - Phishing Company Confidential

  12. All You Need is + Company Confidential

  13. Shortened URL Tracking Company Confidential

  14. Feedback Loop Company Confidential

  15. Testing and Validation

  16. Rogue Wi-Fi Network – Threat Simulation Company Confidential

  17. USB Drop – Training Exercise : Case Study Company Confidential

  18. Building a Believable Campaign Use realistic files with somewhat realistic data Staged approach to track file access and exploitation Company Confidential

  19. “Nobody’s going to an an exe from some random USB” - Greg Yep… They ran it... Company Confidential

  20. Now we have our foothold… Fortunately they didn’t run this as an admin Company Confidential

  21. Company Confidential

  22. Key Focus Areas: • Employees • IT Staff • Roles and Responsibilities • Incident Response Duties • Configuration Monitoring • Malware Removal • Security Infrastructure Company Confidential

  23. Key Focus Areas: • Employees • IT Staff • Security Staff • Table Top and Red vs Blue Exercises • Threat Simulation Leads to Process Improvement • Announced vs Unannounced Simulations or Penetration Testing Company Confidential

  24. Purple Team FTW! • Employees • IT Staff • Security Staff • Table Top and Red vs Blue Exercises • Threat Simulation Leads to Process Improvement • Announced vs Unannounced Simulations or Penetration Testing Company Confidential

  25. Key Focus Areas: • Employees • IT Staff • Security Staff • Leadership Company Confidential

  26. Key Focus Areas: • Employees • IT Staff • Security Staff • Leadership • Processes and Procedures Company Confidential

  27. Continuous Monitoring and Detection

  28. Automating OSINT and Response API Integration SecOps Infrastructure Domain Tools Netflow / IDS Passive Total Firewalls VirusTotal Proxy / DNS SIEM Cisco AMP ThreatGRID Endpoint Company Confidential

  29. Company Confidential

  30. Malware Beaconing Company Confidential

  31. Company Confidential

  32. Malware Beaconing Company Confidential

  33. Correlate Network / Log Activity with Endpoint Data Company Confidential

  34. Macro Phishing Attacks • Common • Bypasses Most AV • Heavily Obfuscated • Newer attacks targeting Office 365 Company Confidential

  35. Macro Attack Detection Company Confidential

  36. Full Command Line Details Company Confidential

  37. Full Command Line Details Company Confidential

  38. Be Careful – Don’t Jump To Conclusions… Company Confidential

  39. Centralized Logging and Event Management

  40. Company Confidential

  41. Threat Feed Configuration Company Confidential

  42. Full Event Alerting Company Confidential

  43. Syslog Only Company Confidential

  44. Tuning Feeds Company Confidential

  45. Watchlist Configuration Company Confidential

  46. Carbon Black Event Forwarder LogRhythm => Use LEEF Format https://github.com/carbonblack/cb-event-forwarder Company Confidential

  47. Dashboards and Investigations

  48. Company Confidential

  49. Company Confidential

  50. Company Confidential

  51. Company Confidential

  52. Company Confidential

  53. Company Confidential

  54. Long Tail Analysis Strange activity can bubble to the surface when viewing the whole picture Company Confidential

  55. Company Confidential

  56. Company Confidential

  57. Taking it a Step Further…

  58. Additional Integration Alarming Trigger on Specific Watch List Hits Company Confidential

  59. Additional Integration Alarming Admin Tracking Company Confidential

  60. Additional Integration Alarming Admin Tracking Reporting Company Confidential

  61. Additional Integration Alarming Admin Tracking Reporting Automation Perform Actions Based on Alarms Observed Company Confidential

  62. Thank You! QUESTIONS? Greg Foss Sarah Miller Greg . Foss [at] LogRhythm . com SMiller [at] CarbonBlack . com @heinzarelli @beyazfar3 Company Confidential

Recommend

Vegetal Charcoal Vegetal Charcoal Vegetal Charcoal Vegetal Charcoal We, can make up with the

Vegetal Charcoal Vegetal Charcoal Vegetal Charcoal Vegetal Charcoal We, can make up with the

Vegetal Charcoal Vegetal Charcoal Vegetal Charcoal Vegetal Charcoal We, can make up with the name you want, as in this case we made for ARO Vegetal Charcoal From Venezuela Description: Charcoal obtained from wood of hard consistency from natural

540 views • 8 slides
Natural Charcoal Tablets TM Natural Charcoal Tablets Freshness, with a touch of Heritage

Natural Charcoal Tablets TM Natural Charcoal Tablets Freshness, with a touch of Heritage

TM TM Natural Charcoal T ablets Natural Charcoal Tablets Presenting TM Natural Charcoal Tablets TM Natural Charcoal Tablets Freshness, with a touch of Heritage Safety, with added Convenience Irfaz brings to you an exclusive range of

294 views • 16 slides
Smart Charcoal Tablets from Malaysia Smart Charcoal Tablets from Malaysia Freshness, with a

Smart Charcoal Tablets from Malaysia Smart Charcoal Tablets from Malaysia Freshness, with a

TM Natural Charcoal T ablets Smart Charcoal Tablets from Malaysia Presenting Smart Charcoal Tablets from Malaysia Smart Charcoal Tablets from Malaysia Freshness, with a touch of Heritage Safety, with added Convenience Irfaz brings to you

690 views • 16 slides
Premium Charcoal Tablets from Malaysia Premium Charcoal Tablets from Malaysia Freshness, with a

Premium Charcoal Tablets from Malaysia Premium Charcoal Tablets from Malaysia Freshness, with a

TM Natural Charcoal T ablets Premium Charcoal Tablets from Malaysia Presenting Premium Charcoal Tablets from Malaysia Premium Charcoal Tablets from Malaysia Freshness, with a touch of Heritage Safety, with added Convenience Irfaz brings

373 views • 16 slides
Investigation of Charcoal Production Methods Investigation of Charcoal Production Methods for

Investigation of Charcoal Production Methods Investigation of Charcoal Production Methods for

Investigation of Charcoal Production Methods Investigation of Charcoal Production Methods for Sajalices for Sajalices The Mangrove Charcoal Sustainability Engineers for Sajalices Wilbel Brewer (wjbrewer@mtu.edu) Aaron Cypher

365 views • 19 slides
Metallurgy and the Industrial Revolustion By: Tyler Linza Charcoal was originally used in

Metallurgy and the Industrial Revolustion By: Tyler Linza Charcoal was originally used in

Metallurgy and the Industrial Revolustion By: Tyler Linza Charcoal was originally used in smelting Although charcoal kinda worked, it didn t get as hot as coal Charcoal has a combustion temp of up to 1,300 degrees while coal has

213 views • 8 slides
The environm ental, econom ic and social co-benefits of charcoal substitution by bioethanol in

The environm ental, econom ic and social co-benefits of charcoal substitution by bioethanol in

The environm ental, econom ic and social co-benefits of charcoal substitution by bioethanol in Malaw i and Mozam bique Anne Wanjiru Nyambane ESPA FELLOW INCEPTION WORKSHOP-10 th July 2014-London I ntroduction Demand for charcoal is on the

273 views • 9 slides
Problems Our Solution: Green Charcoal Produced from agricultural waste 65% cheaper than

Problems Our Solution: Green Charcoal Produced from agricultural waste 65% cheaper than

Problems Our Solution: Green Charcoal Produced from agricultural waste 65% cheaper than charcoal from wood Burns cleaner and longer Usable in any cook stove Business Model Demand Exceeds Supply EFA is currently supply constrained

63 views • 5 slides
The best equipment For the charcoal production Impex Trading Production LLC has been

The best equipment For the charcoal production Impex Trading Production LLC has been

The best equipment For the charcoal production Impex Trading Production LLC has been manufacturing equipment for charcoal production since 2012 year. During this time our company has become the only company in the world that produces such an

272 views • 13 slides
Use of ac)vated CHARcoal in Poisoned Pa)ents (CHARPP Program)

Use of ac)vated CHARcoal in Poisoned Pa)ents (CHARPP Program)

Use of ac)vated CHARcoal in Poisoned Pa)ents (CHARPP Program) Maude St-Onge, Emmanuel Charbonney, Michal Chass, Guillaume Lacombe, Franois Lamontagne,

780 views • 43 slides
MICROSCOPY and ACTIVATED SLUDGE PROCESS CONTROL Mackenzie L. Davis MWEA Process Seminar

MICROSCOPY and ACTIVATED SLUDGE PROCESS CONTROL Mackenzie L. Davis MWEA Process Seminar

MICROSCOPY and ACTIVATED SLUDGE PROCESS CONTROL Mackenzie L. Davis MWEA Process Seminar November 2015 CREDITS Activated Sludge Microscopy Notes & Thoughts The ultimate objective of activated sludge microscopy is to identify

1.18k views • 60 slides
Soil Vapour Forum- Charcoal Tubes and Miscellaneous Sampling Methods Right solutions.

Soil Vapour Forum- Charcoal Tubes and Miscellaneous Sampling Methods Right solutions.

ANALYTICAL CHEMISTRY & TESTING SERVICES Soil Vapour Forum- Charcoal Tubes and Miscellaneous Sampling Methods Right solutions. presented by Kari Mulroy .Right partner ANALYTICAL CHEMISTRY & TESTING SERVICES Charcoal Tubes

565 views • 17 slides
Study of the infmuence of the intrinsic parameters of charcoal pellets and relative humidity on

Study of the infmuence of the intrinsic parameters of charcoal pellets and relative humidity on

Study of the infmuence of the intrinsic parameters of charcoal pellets and relative humidity on compressive strength and moisture adsorption Philippe Bernard HIMBANE PhD student Department of Physics University Assane Seck of Ziguinchor /

510 views • 19 slides
Treatment of Emerging Contaminants with Activated Persulfate Philip Block, PhD FMC Corporation

Treatment of Emerging Contaminants with Activated Persulfate Philip Block, PhD FMC Corporation

Treatment of Emerging Contaminants with Activated Persulfate Philip Block, PhD FMC Corporation Agenda Brief overview of persulfate chemistry PFOA and PFOS 1,4-dioxane Metals (mercury and arsenic) Activated Persulfate Chemistry

362 views • 25 slides
Critical density for Activated Random Walk Lorenzo Taggi Max Planck Institute for Mathematics in

Critical density for Activated Random Walk Lorenzo Taggi Max Planck Institute for Mathematics in

Critical density for Activated Random Walk Critical density for Activated Random Walk Lorenzo Taggi Max Planck Institute for Mathematics in the Sciences Leipzig, Germany June 24, 2014 1 Critical density for Activated Random Walk Outline 1

612 views • 29 slides
Introduction to REDD+ Plantations and Charcoal Production in Thailand 2014 JICA Training for

Introduction to REDD+ Plantations and Charcoal Production in Thailand 2014 JICA Training for

Economic and Climate Benefits from Utilization of Unused Farmlands for Eucalyptus Introduction to REDD+ Plantations and Charcoal Production in Thailand 2014 JICA Training for NAMA/MRV (Low Carbon City Planning) 2014 ISSAAS International Congress

699 views • 25 slides
Transforming Tanzanias Charcoal Sector Charles Meshack Executive Director Tanzania Forest

Transforming Tanzanias Charcoal Sector Charles Meshack Executive Director Tanzania Forest

Transforming Tanzanias Charcoal Sector Charles Meshack Executive Director Tanzania Forest Conservation Group 22 nd November 2016 Workshop Objectives To enhance stakeholder understanding of recent changes in policy and practice in local

500 views • 20 slides
Charcoal Briquettes Cheap, environmentally-friendly bio fuel and devices 2.009 Blue Team A

Charcoal Briquettes Cheap, environmentally-friendly bio fuel and devices 2.009 Blue Team A

Charcoal Briquettes Cheap, environmentally-friendly bio fuel and devices 2.009 Blue Team A Dexter Ang, John Brewer, Kevin Chen, Greg Fonder, Danny Hilton, Matt Krueger, Andres Pino 2.009 Blue Team A October 7, 2004 Piston Extrusion 2.009

420 views • 4 slides
in Service in Service of Humanity of Humanity James L Barnard, Ph.D., D.Ing. h.c. BCEE, WEF

in Service in Service of Humanity of Humanity James L Barnard, Ph.D., D.Ing. h.c. BCEE, WEF

DSD DSD Inte Interna rnation tional Con al Confere ferenc nce e 20 2014 14 Sustainable Stormwater and Wastewater Management The The Activated Activated Sludge ludge Process rocess in Service in Service of Humanity of Humanity

864 views • 71 slides
Charcoal for terra preta Michael J. Antal, Jr, Goro Uehara, Jonathan Deenik, and Tai McClellan

Charcoal for terra preta Michael J. Antal, Jr, Goro Uehara, Jonathan Deenik, and Tai McClellan

Charcoal for terra preta Michael J. Antal, Jr, Goro Uehara, Jonathan Deenik, and Tai McClellan Hawaii Natural Energy Institute and The College of Tropical Agriculture & Human Resources University of Hawaii at Manoa Nov 27, 2007

1.92k views • 34 slides
Pyrolysis & Char Processes Fernando Preto CanmetENERGY, Natural Resources Canada Charcoal

Pyrolysis & Char Processes Fernando Preto CanmetENERGY, Natural Resources Canada Charcoal

Pyrolysis & Char Processes Fernando Preto CanmetENERGY, Natural Resources Canada Charcoal Production & Use Pyrolysis in late medieval foundry processes Georgius Agricola, De Re Metallica Libri XII, MDLVI English translation 1912 by

330 views • 17 slides
Sugar Brick: Charcoal Briquette Compactor Team Blue B October 7, 2004 Contents Current

Sugar Brick: Charcoal Briquette Compactor Team Blue B October 7, 2004 Contents Current

Sugar Brick: Charcoal Briquette Compactor Team Blue B October 7, 2004 Contents Current briquette process Customer needs Market needs Competing technologies Design requirements Lever compression model Ratchet press

292 views • 11 slides
Sugar Brick: Charcoal Briquette Compactor Team Blue B October 7, 2004 Ratchet press model

Sugar Brick: Charcoal Briquette Compactor Team Blue B October 7, 2004 Ratchet press model

Sugar Brick: Charcoal Briquette Compactor Team Blue B October 7, 2004 Ratchet press model Iteration 1 Locking Mechanism Incremental Application of Force Foot or Hand Operated Batch of 5 Briquettes Compact Size

109 views • 9 slides
Charcoal Briquettes Mockup Review 2.009 Blue Team A Dexter Ang, John Brewer, Kevin Chen,

Charcoal Briquettes Mockup Review 2.009 Blue Team A Dexter Ang, John Brewer, Kevin Chen,

Charcoal Briquettes Mockup Review 2.009 Blue Team A Dexter Ang, John Brewer, Kevin Chen, Greg Fonder, Danny Hilton, Matt Krueger, Andres Pino 2.009 Blue Team A October 21, 2004 Key Challenges Loading Hopper design Position of

309 views • 11 slides

More recommend